Hi All, Since I was looking out for an attachment policy with qmail could not find any, thought to do one
Patch function (only if email contains attachment) x...@local to a...@local allow sending of email a...@local to a...@external deny sending of email Can also be enabled with tcp-evn but not done would like to have it as per user profile Can someone help me in doing it as per field in ldap meaning sending of attachment email either yes or no should be stored in ldap also if someone can go through the code and find if any bugs and correct them will be great apply the patch for vanila qmail-lda src //Remy ------------------------------------------------------------------------------ Disclaimer and Confidentiality This material has been checked for computer viruses and although none has been found, we cannot guarantee that it is completely free from such problems and do not accept any liability for loss or damage which may be caused. Please therefore check any attachments for viruses before using them on your own equipment. If you do find a computer virus please inform us immediately so that we may take appropriate action. This communication is intended solely for the addressee and is confidential. If you are not the intended recipient, any disclosure, copying, distribution or any action taken or omitted to be taken in reliance on it, is prohibited and may be unlawful. The views expressed in this message are those of the individual sender, and may not necessarily be that of ISA.
--- qmail-1.03.orig/execcheck.c 2008-10-18 23:49:33.000000000 +0400 +++ git/qmail/execcheck.c 2009-06-29 12:10:11.000000000 +0400 @@ -52,6 +52,7 @@ static int checkexecutable = 0; static int flagexecutable; +static int flagattachment; static stralloc signatures = {0}; void @@ -81,6 +82,12 @@ return flagexecutable; } +int +attachmentcheck_flag(void) +{ + return flagattachment; +} + static int signatures_match(stralloc *line, char *sig) { @@ -107,6 +114,17 @@ return 0; } +static int +attachments_check(stralloc *line) +{ + char *s; + s = "Content-Disposition: attachment; filename="; + + if(signatures_match(line, s)) + return 1; + return 0; +} + static int linespastheader; /* = 0 if in header (mime or mail) * = 1 line after blank line * = 2 somewhere in body @@ -217,6 +235,7 @@ boundary_start = 0; boundary_len = 0; flagexecutable = 0; + flagattachment = 0; flagrfc822 = 0; linetype = ' '; } @@ -243,6 +262,9 @@ * in mail or mime header, search for content-type * and possible boundary */ + if(attachments_check(&line)) + flagattachment = 1; + if (line.len == 1) { /* end of header */ linespastheader = 1; if (content.len) /* MIME header */ --- qmail-smtpd.c.orig 2009-06-29 12:14:12.000000000 +0400 +++ qmail-smtpd.c 2009-06-29 12:07:14.000000000 +0400 @@ -302,6 +302,8 @@ unsigned int maxrcptcount = 0; int greylist = 0; int sendercheck = 0; +int rcptlocalflag = 0; +int senderlocalflag = 0; int rcptcheck = 0; int ldapsoftok = 0; int flagauth = 0; @@ -1118,6 +1120,7 @@ switch (ldaplookup(addr.s, &s)) { case 1: /* valid */ + senderlocalflag = 1; logline(4,"sender verify OK"); break; case 0: /* invalid */ @@ -1229,6 +1232,7 @@ /* check if recipient exists in ldap */ if (rcptcheck) { + rcptlocalflag = 0; if (!goodmailaddr()) { logline(4,"recipient verify, recipient not in goodmailaddr"); if (addrlocals()) { @@ -1236,6 +1240,7 @@ logline(4,"recipient verify, recipient is local"); switch (ldaplookup(addr.s, &s)) { case 1: /* valid */ + rcptlocalflag = 1; logline(4,"recipient verify OK"); break; case 0: /* invalid */ @@ -1554,6 +1559,18 @@ #endif blast(&hops); +#ifdef SMTPEXECCHECK + /* check if the email has attachment*/ + if (attachmentcheck_flag()) { + if (senderlocalflag && !rcptlocalflag) { + out("552 You are not allowed to send email with attachment other then to your local address (#5.3.5)\r\n"); + logline(3,"email with attachment other then to your local address denied"); + if (errdisconnect) err_quit(); + return; + } + } +#endif + #ifdef DATA_COMPRESS if (wantcomp) { if (compression_done() != 0) return; } #endif